What are Apps?
Over the last few years, desktops became laptops, laptops gave way to notebooks, and notebooks became Ultrabooks. The trend is now moving towards tablets and smartphones.
As a result of this, web applications are paving the way for Apps.
Reasons for “Apps” development
- No custom code execution on server side. It avoids application / server outages.
- Custom code executes in the client browser, in IIS or in Windows Azure, all of which are completely outside SharePoint’s scope.
- Server Object Model (SOM) code is replaced by REST services and the Client Side Object Model (CSOM), which apps use to communicate with the server. Authentication is done by OAuth.
- Installing, updating and uninstalling apps can be done without affecting the SharePoint site.
- Better usability on mobile and tablet devices.
- Takes SharePoint to the next level in terms of usability, deployment, development and hosting (Cloud).
- Finally, everything in SharePoint 2013 is an App.
Types of Apps for SharePoint
- Complete client-side code
- Deployed to SharePoint On-premises, SharePoint online or in Office 365
- Deployed to a different on-premises server (not SharePoint) or the cloud
- Automatically provisions resources to SQL Azure and Windows Azure
Diagram of a possible Hybrid approach with some components in SharePoint and others residing in the Cloud:
Host Web and App/Remote Web:
App Development Tools:
- Office development tools for Visual Studio 2012/2013
- “Napa” Office 365 development tools
- Browser-based development environment (SharePoint-hosted apps only)
Office Development Tools for Visual Studio:
- .NET web application projects include classes to handle app AuthZ and AuthN (using OAuth)
- Functions to manage SharePoint context across page requests
- Can create app and/or user contexts for app and/or host webs
- Functions to create and obtain AccessToken and ContextToken objects
- On other platforms, you have to do the OAuth implementation and manage tokens yourself
- Convert existing web application project to an App for SharePoint project
Accessing SharePoint data remotely:
- .NET Managed client object model (CSOM)
- REST endpoints with OData
- We can’t interact with data stored in SharePoint unless we (our apps) are authenticated to SharePoint and authorized to access data
- Authentication: Are you who you say you are?
- Authorization: Do you have permission to do what you are trying to do?
- How can cloud-hosted apps for SharePoint securely access data from the remote web?
- Firewalls could be between servers
- Code and script could be running on different domains
- The external web server might not even be running Windows!
App authorization policy types:
- Only the user identity is considered (non-app interactions with SharePoint)
- App + User
- “Access denied” if one and/or the other lacks permissions
- Both the app identity and the user identity are considered
- Only the app identity is considered
- Only supported for server-side code in cloud-hosted apps
- Can’t be used with certain APIs (e.g., Search, Project Server)
- Allows for elevation above current user’s permissions (or when there is no current user)
- Trust must be explicitly granted by the user installing the app (all or nothing)
- User installing the app must also have all permissions the app is requesting
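
The policy rules above can be modelled as a small decision function, which makes the elevation case of the app-only policy easy to see and test. This is an added example, not code from the original page or from SharePoint; the names `Policy`, `Call`, `authorize` and `can_install`, the permission and API labels, and the flat set-membership check are assumptions made for illustration.

```python
# Added illustration: a toy model of the policy rules listed above.
# It is not SharePoint code; names and permission strings are assumptions.
from dataclasses import dataclass
from enum import Enum


class Policy(Enum):
    USER_ONLY = "user-only"
    APP_AND_USER = "app+user"
    APP_ONLY = "app-only"


# APIs the list above names as unusable with the app-only policy.
APP_ONLY_BLOCKED_APIS = {"Search", "Project Server"}


@dataclass(frozen=True)
class Call:
    policy: Policy
    needed: str                           # permission the operation requires
    user_perms: frozenset = frozenset()   # empty when there is no current user
    app_perms: frozenset = frozenset()
    api: str = "Lists"                    # constructed API label
    server_side: bool = True
    cloud_hosted: bool = True


def authorize(c: Call):
    """Return (allowed, reason) for one call under the given policy."""
    user_ok = c.needed in c.user_perms
    app_ok = c.needed in c.app_perms
    if c.policy is Policy.USER_ONLY:
        return user_ok, "user identity only"
    if c.policy is Policy.APP_AND_USER:
        missing = [n for n, ok in (("user", user_ok), ("app", app_ok)) if not ok]
        if not missing:
            return True, "app and user both hold the permission"
        return False, "access denied: " + " and ".join(missing) + " lacks permission"
    # App-only: user permissions are ignored, so this path can exceed them.
    if not (c.server_side and c.cloud_hosted):
        return False, "app-only needs server-side code in a cloud-hosted app"
    if c.api in APP_ONLY_BLOCKED_APIS:
        return False, "app-only is not available for " + c.api
    return app_ok, "app identity only"


def can_install(requested, installer_perms, trust_granted):
    """Trust is all-or-nothing; the installer must hold every requested permission."""
    return trust_granted and set(requested) <= set(installer_perms)
```

Because an app-only call succeeds even when `user_perms` is empty, the permissions an app requests at install time are the effective ceiling for that code path and are worth reviewing before trust is granted.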
Deploying provider-hosted apps:
- To use OAuth, you must register an app principal
- Automatically handled for Auto-hosted apps and <F5> localhost deployments
- Requires a visit to /_layouts/15/AppRegNew.aspx for provider-hosted apps
- Update <appSettings> values in web.config file
<add key="ClientId" value="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" />
<add key="ClientSecret" value="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=" />
- Deploy/publish your remote web project
- Set full URL for Start page in AppManifest.xml
- Right-click and “Publish…” the app project
- Click Package the app to generate .app file
- Deploy the .app file to your app catalog
- Click the link to launch the app
- Grant permissions the app requests